package src.queries;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import  src.entities.User;
import  src.exceptions.InvalidLoginException;

public class LoginQueries extends UserQueries {
	

	public LoginQueries(Connection c, SecurityQueries security) {
		super(c, security);
	}

	public User verifyLogin(String userName, String password) throws InvalidLoginException, SQLException{
		PreparedStatement p1 = makePreparedStatement(
				"Select * FROM users WHERE user_name = ?" +
				"AND password = ?");

		p1.setString(1, userName);
		p1.setString(2, password);
		ResultSet rs1 = null;
		try {
			rs1 = p1.executeQuery();
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		
		PreparedStatement p2 = makePreparedStatement(
				"Select * FROM persons WHERE user_name = ?");
		p2.setString(1, userName);
		ResultSet rs2 = p2.executeQuery();
		
		
		
		rs2.next();
		if(rs1.next()){
			User user = new User(rs1.getString("user_name"), rs1.getString("password"), 
					rs1.getString("class"), rs1.getDate("date_registered"),
					rs2.getString("first_name"), rs2.getString("last_name"), 
					rs2.getString("address"), rs2.getString("phone"), rs2.getString("email"));
			return user; 
			
		}
		else{
			throw new InvalidLoginException();
		} 
	}

}
